|
Family: CISCO --> Category: infos
Cisco IOS TCLSH AAA Command Authorization Bypass Vulnerability Vulnerability Scan
Vulnerability Scan Summary Uses SNMP to determine if a flaw is present
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote router contains a flaw which may let users with shell access
to elevate their rights
Description :
The remote host is a CISCO router containing a version of IOS which is
vulnerable to a remote AAA command autorization bypass vulnerability.
The remote version of IOS does not enforce AAA command authorization checks
for commands etnered in the TCL shell. A possible hacker with a shell access on
the remote route may gain elevated rights on the remote device.
Solution :
http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml
Threat Level:
Medium / CVSS Base Score : 4
(AV:L/AC:L/Au:R/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|